More packages are being compromised, and blog posts are also covering recent RSC vulnerabilities. Maybe we're reaching a tipping point, and better security practices will consolidate this year. On the React Native side, Hermes-node is quite exciting, although it's very early. An exciting TC39 meeting is currently underway, and several proposals have already progressed. Yarn and npm are improving on the security side. Bun and pnpm are being ported to Rust.
Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously," the cybersecurity company said in a statement over the weekend.
This week's recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path gives the easiest foothold.
The report catalogues a relentless barrage of cyber operations, most by state-sponsored groups, against EU and US industrial supply chains. It suggests the range of targets for these hackers has grown to encompass the broader industrial base of the US and Europe from German aerospace firms to UK carmakers. State-linked hackers have long targeted the global defence industry, but Luke McNamara, an analyst for Google's threat intelligence group, said they had seen more personalised and direct to individual targeting of employees.
Fortinet has warned that a new security flaw in FortiWeb has been exploited in the wild. The medium-severity vulnerability, tracked as CVE-2025-58034, carries a CVSS score of 6.7 out of a maximum of 10.0. It has been addressed in version 8.0.2. "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands," the company said.
Marc Benoit, chief information security officer at PAN, confirmed in a note to clients - seen by The Register - that it was informed on August 25 that the "compromise of a third-party application, Salesloft's Drift, resulted in the access and exfiltration of data stored in our Salesforce environment." It immediately disconnected the third-party application from its Salesforce CRM, he said.
